[Cryptography] OpenPGP and trust
Bill Frantz
frantz at pwpconsult.com
Sat Mar 29 21:11:51 EDT 2014
On 3/29/14 at 6:43 PM, stuartl at longlandclan.yi.org (Stuart
Longland) wrote:
>Presently, there are a few means of authentication. One is
>call-sign databases ran by QRZ.com and other sites. Some of
>these cost money (after all, they cost money to run) to query.
>Unfortunately at best they can tell you that the callsign AB2CD
>is a valid call-sign and is owned by "Joe Public" living in
>some part of the US.
The amateur radio community is a very interesting example for
people interested in networked security. In amateur radio,
everyone has unique true name. Mine is AE6JV. These names are
government assigned and more interestingly, unique, global, and
memorable (all 3 sides of Zooko's triangle). (Authenticating
that someone the "real" AE6JV is a separate, unsolved, problem.)
By looking at interpersonal interactions in the amateur radio
community, one can gain insight how humans react to such an
identity situation.
Note that for US hams, the QRZ database is directly downloaded
from the FCC. In that database, I am William, not Bill. When
someone greets me as William, I know they got the name from the
database, and not directly from me.
Cheers - Bill
---------------------------------------------------------------------------
Bill Frantz |"Web security is like medicine - trying to
do good for
408-356-8506 |an evolved body of kludges" - Mark Miller
www.pwpconsult.com |
More information about the cryptography
mailing list